From 6cdc26b55bc7ef867d4aaf13f0b825521636bf7d Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 9 Nov 2025 12:24:04 -0500 Subject: [PATCH 01/32] Fix broken edit payment methods due to missing hidden field --- admin/modals/payment_method/payment_method_edit.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin/modals/payment_method/payment_method_edit.php b/admin/modals/payment_method/payment_method_edit.php index d6c70386..c063640a 100644 --- a/admin/modals/payment_method/payment_method_edit.php +++ b/admin/modals/payment_method/payment_method_edit.php @@ -22,7 +22,7 @@ ob_start();
- +
From abb97ad99f010ef69dda4d1d89a898339608f666 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Tue, 11 Nov 2025 19:57:51 -0500 Subject: [PATCH 02/32] [Feature] Added Asset Tags --- ...ct_templates.php => contract_template.php} | 0 admin/database_updates.php | 31 +- admin/includes/side_nav.php | 2 +- .../contract_template_add.php | 144 ++++++++-- .../contract_template_edit.php | 265 ++++++++++++++++++ admin/modals/tag/tag_add.php | 5 +- admin/modals/tag/tag_edit.php | 3 +- admin/post/contract_template.php | 134 +++++++-- admin/tag.php | 2 + agent/assets.php | 96 ++++++- agent/modals/asset/asset_add.php | 29 ++ agent/modals/asset/asset_bulk_assign_tags.php | 61 ++++ agent/modals/asset/asset_edit.php | 36 ++- agent/post/asset.php | 64 +++++ db.sql | 20 +- includes/database_version.php | 2 +- 16 files changed, 821 insertions(+), 73 deletions(-) rename admin/{contract_templates.php => contract_template.php} (100%) create mode 100644 admin/modals/contract_template/contract_template_edit.php create mode 100644 agent/modals/asset/asset_bulk_assign_tags.php diff --git a/admin/contract_templates.php b/admin/contract_template.php similarity index 100% rename from admin/contract_templates.php rename to admin/contract_template.php diff --git a/admin/database_updates.php b/admin/database_updates.php index f1e138af..ee595709 100644 --- a/admin/database_updates.php +++ b/admin/database_updates.php @@ -4059,9 +4059,7 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { `contract_template_created_at` DATETIME DEFAULT CURRENT_TIMESTAMP, `contract_template_updated_at` DATETIME NULL ON UPDATE CURRENT_TIMESTAMP, - `contract_template_archived_at` DATETIME NULL DEFAULT NULL, - - `company_id` INT(11) NOT NULL + `contract_template_archived_at` DATETIME NULL DEFAULT NULL ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;"); @@ -4115,10 +4113,31 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) { mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.7'"); } - // if (CURRENT_DATABASE_VERSION == '2.3.7') { - // // Insert queries here required to update to DB version 2.3.8 + if (CURRENT_DATABASE_VERSION == '2.3.7') { + + mysqli_query($mysqli, " + CREATE TABLE `asset_tags` ( + `asset_tag_asset_id` INT(11) NOT NULL, + `asset_tag_tag_id` INT(11) NOT NULL, + PRIMARY KEY (`asset_tag_asset_id`, `asset_tag_tag_id`), + CONSTRAINT `fk_asset` + FOREIGN KEY (`asset_tag_asset_id`) + REFERENCES `assets`(`asset_id`) + ON DELETE CASCADE, + CONSTRAINT `fk_tag` + FOREIGN KEY (`asset_tag_tag_id`) + REFERENCES `tags`(`tag_id`) + ON DELETE CASCADE + ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4; + "); + + mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.8'"); + } + + // if (CURRENT_DATABASE_VERSION == '2.3.8') { + // // Insert queries here required to update to DB version 2.3.9 // // Then, update the database to the next sequential version - // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.8'"); + // mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '2.3.9'"); // } } else { diff --git a/admin/includes/side_nav.php b/admin/includes/side_nav.php index 230f9fdd..3cbe9ccc 100644 --- a/admin/includes/side_nav.php +++ b/admin/includes/side_nav.php @@ -111,7 +111,7 @@
  • TEMPLATES
  • - +

    Contract Templates

     diff --git a/admin/modals/contract_template/contract_template_add.php b/admin/modals/contract_template/contract_template_add.php index be330d95..ad4c5596 100644 --- a/admin/modals/contract_template/contract_template_add.php +++ b/admin/modals/contract_template/contract_template_add.php @@ -1,15 +1,18 @@
    New Contract Template
    +
    • @@ -25,37 +28,62 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', ' Details
    + -
    -
    - +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - - + +
    +
    + +
    + +
    @@ -64,33 +92,63 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    @@ -99,29 +157,49 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    +
    + +
    + +
    - +
    @@ -129,8 +207,12 @@ $update_frequency_array = ['Manual', 'Annually', '2 Year', '3 Year', '5 Year', '
    - - + +
    • diff --git a/admin/modals/contract_template/contract_template_edit.php b/admin/modals/contract_template/contract_template_edit.php new file mode 100644 index 00000000..2ce93048 --- /dev/null +++ b/admin/modals/contract_template/contract_template_edit.php @@ -0,0 +1,265 @@ + + +
    +
    Edit Contract Template
    + +
    + + + + +
    + + +
    +
    + + +
    +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    +
    + + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + +
    +
    +
    +
    + + +
    +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    +
    +
    + + +
    +
    + +
    +
    + +
    + +
    +
    +
    + +
    +
    + +
    + + +
    +
    + + diff --git a/admin/modals/tag/tag_add.php b/admin/modals/tag/tag_add.php index 9bd6d489..a878cb58 100644 --- a/admin/modals/tag/tag_add.php +++ b/admin/modals/tag/tag_add.php @@ -15,6 +15,8 @@ if (isset($_GET['type'])) { $type_display = "Contact"; } elseif ($type === 4) { $type_display = "Credential"; + } elseif ($type === 5) { + $type_display = "Asset"; } } ob_start(); @@ -58,6 +60,7 @@ ob_start(); +
    @@ -86,7 +89,7 @@ ob_start();
    - +
    diff --git a/admin/modals/tag/tag_edit.php b/admin/modals/tag/tag_edit.php index 8aa3c2ae..bfd49962 100644 --- a/admin/modals/tag/tag_edit.php +++ b/admin/modals/tag/tag_edit.php @@ -47,6 +47,7 @@ ob_start(); + @@ -73,7 +74,7 @@ ob_start();
    - +
    diff --git a/admin/post/contract_template.php b/admin/post/contract_template.php index 585e3c9e..6e277a3e 100644 --- a/admin/post/contract_template.php +++ b/admin/post/contract_template.php @@ -9,11 +9,12 @@ defined('FROM_POST_HANDLER') || die("Direct file access is not allowed"); if (isset($_POST['add_contract_template'])) { // Sanitize text inputs - $name = sanitizeInput($_POST['contract_template_name']); - $type = sanitizeInput($_POST['contract_template_type']); - $update_frequency = sanitizeInput($_POST['contract_template_update_frequency']); - $support_hours = sanitizeInput($_POST['contract_template_support_hours']); - $details = mysql_escape_string($mysqli, $_POST['contract_template_details']); + $name = sanitizeInput($_POST['name']); + $description = sanitizeInput($_POST['description']); + $type = sanitizeInput($_POST['type']); + $renewal_frequency = sanitizeInput($_POST['renewal_frequency']); + $support_hours = sanitizeInput($_POST['support_hours']); + $details = mysqli_escape_string($mysqli, $_POST['details']); // Numeric fields cast to integer $sla_low_resp = intval($_POST['sla_low_response_time']); @@ -22,9 +23,9 @@ if (isset($_POST['add_contract_template'])) { $sla_low_res = intval($_POST['sla_low_resolution_time']); $sla_med_res = intval($_POST['sla_medium_resolution_time']); $sla_high_res = intval($_POST['sla_high_resolution_time']); - $hourly_rate = intval($_POST['contract_template_hourly_rate']); - $after_hours_rate = intval($_POST['contract_template_after_hours_hourly_rate']); - $net_terms = intval($_POST['contract_template_net_terms']); + $rate_standard = intval($_POST['rate_standard']); + $rate_after_hours = intval($_POST['hourly_rate_after_hours']); + $net_terms = intval($_POST['net_terms']); // Insert into database (numbers not quoted) mysqli_query($mysqli, " @@ -33,19 +34,17 @@ if (isset($_POST['add_contract_template'])) { contract_template_description = '$description', contract_template_details = '$details', contract_template_type = '$type', - contract_template_update_frequency = '$update_frequency', - sla_low_response_time = $sla_low_resp, - sla_medium_response_time = $sla_med_resp, - sla_high_response_time = $sla_high_resp, - sla_low_resolution_time = $sla_low_res, - sla_medium_resolution_time = $sla_med_res, - sla_high_resolution_time = $sla_high_res, - contract_template_hourly_rate = $hourly_rate, - contract_template_after_hours_hourly_rate = $after_hours_rate, + contract_template_renewal_frequency = '$renewal_frequency', + contract_template_sla_low_response_time = $sla_low_resp, + contract_template_sla_medium_response_time = $sla_med_resp, + contract_template_sla_high_response_time = $sla_high_resp, + contract_template_sla_low_resolution_time = $sla_low_res, + contract_template_sla_medium_resolution_time = $sla_med_res, + contract_template_sla_high_resolution_time = $sla_high_res, + contract_template_rate_standard = $rate_standard, + contract_template_rate_after_hours = $rate_after_hours, contract_template_support_hours = '$support_hours', - contract_template_net_terms = $net_terms, - contract_template_created_by = $session_user_id, - contract_template_created_at = NOW() + contract_template_net_terms = $net_terms "); $contract_template_id = mysqli_insert_id($mysqli); @@ -60,4 +59,99 @@ if (isset($_POST['add_contract_template'])) { redirect(); } +if (isset($_POST['edit_contract_template'])) { + + $contract_template_id = intval($_POST['contract_template_id']); + $name = sanitizeInput($_POST['name']); + $description = sanitizeInput($_POST['description']); + $type = sanitizeInput($_POST['type']); + $renewal_frequency= sanitizeInput($_POST['renewal_frequency']); + $support_hours = sanitizeInput($_POST['support_hours']); + $details = mysqli_escape_string($mysqli, $_POST['details']); + $sla_low_resp = intval($_POST['sla_low_response_time']); + $sla_med_resp = intval($_POST['sla_medium_response_time']); + $sla_high_resp = intval($_POST['sla_high_response_time']); + $sla_low_res = intval($_POST['sla_low_resolution_time']); + $sla_med_res = intval($_POST['sla_medium_resolution_time']); + $sla_high_res = intval($_POST['sla_high_resolution_time']); + $rate_standard = intval($_POST['rate_standard']); + $rate_after_hours = intval($_POST['rate_after_hours']); + $net_terms = intval($_POST['net_terms']); + + mysqli_query($mysqli, " + UPDATE contract_templates SET + contract_template_name = '$name', + contract_template_description = '$description', + contract_template_details = '$details', + contract_template_type = '$type', + contract_template_renewal_frequency = '$renewal_frequency', + contract_template_sla_low_response_time = $sla_low_resp, + contract_template_sla_medium_response_time = $sla_med_resp, + contract_template_sla_high_response_time = $sla_high_resp, + contract_template_sla_low_resolution_time = $sla_low_res, + contract_template_sla_medium_resolution_time = $sla_med_res, + contract_template_sla_high_resolution_time = $sla_high_res, + contract_template_rate_standard = $rate_standard, + contract_template_rate_after_hours = $rate_after_hours, + contract_template_support_hours = '$support_hours', + contract_template_net_terms = $net_terms + WHERE contract_template_id = $contract_template_id + "); + + // Log action + logAction("Contract Template", "Update", "$session_name updated contract template $name", 0, $contract_template_id); + + // Flash + redirect + flash_alert("Contract Template $name updated"); + redirect(); +} + +if (isset($_GET['archive_contract_template'])) { + $contract_template_id = intval($_GET['archive_contract_template']); + + $name = getFieldById('contract_templates', $contract_template_id, 'contract_template_name'); + + mysqli_query($mysqli, " + UPDATE contract_templates SET contract_template_archived_at = NOW() + WHERE contract_template_id = $contract_template_id + LIMIT 1 + "); + + logAction("Contract Template", "Archive", "$session_name archived contract template $name", 0, $contract_template_id); + flash_alert("Contract Template $name archived", "danger"); + redirect(); +} + +if (isset($_GET['restore_contract_template'])) { + $contract_template_id = intval($_GET['restore_contract_template']); + + $name = getFieldById('contract_templates', $contract_template_id, 'contract_template_name'); + + mysqli_query($mysqli, " + UPDATE contract_templates SET contract_template_archived_at = NULL + WHERE contract_template_id = $contract_template_id + LIMIT 1 + "); + + logAction("Contract Template", "Restore", "$session_name restored contract template $name", 0, $contract_template_id); + flash_alert("Contract Template $name restored"); + redirect(); +} + +if (isset($_GET['delete_contract_template'])) { + $contract_template_id = intval($_GET['delete_contract_template']); + + $name = getFieldById('contract_templates', $contract_template_id, 'contract_template_name'); + + mysqli_query($mysqli, " + DELETE FROM contract_templates + WHERE contract_template_id = $contract_template_id + LIMIT 1 + "); + + logAction("Contract Template", "Delete", "$session_name deleted contract template $name", 0, $contract_template_id); + flash_alert("Contract Template $name deleted", "danger"); + redirect(); +} + ?> diff --git a/admin/tag.php b/admin/tag.php index 33c7d5e9..fe2171fd 100644 --- a/admin/tag.php +++ b/admin/tag.php @@ -74,6 +74,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); $tag_type_display = "Contact Tag"; } elseif ( $tag_type == 4) { $tag_type_display = "Credential Tag"; + } elseif ( $tag_type == 5) { + $tag_type_display = "Asset Tag"; } else { $tag_type_display = "Unknown Tag"; } diff --git a/agent/assets.php b/agent/assets.php index c03d4eb4..04c33732 100644 --- a/agent/assets.php +++ b/agent/assets.php @@ -78,6 +78,18 @@ if ($client_url && isset($_GET['location']) && !empty($_GET['location'])) { $location_filter = 0; } +// Tags Filter +if (isset($_GET['tags']) && is_array($_GET['tags']) && !empty($_GET['tags'])) { + // Sanitize each element of the tags array + $sanitizedTags = array_map('intval', $_GET['tags']); + // Convert the sanitized tags into a comma-separated string + $tag_filter = implode(",", $sanitizedTags); + $tag_query = "AND tag_id IN ($tag_filter)"; +} else { + $tag_filter = 0; + $tag_query = ''; +} + //Get Asset Counts $row = mysqli_fetch_assoc(mysqli_query($mysqli, " SELECT @@ -93,9 +105,13 @@ $row = mysqli_fetch_assoc(mysqli_query($mysqli, " LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 + LEFT JOIN asset_tags ON asset_tag_asset_id = asset_id + LEFT JOIN tags ON tag_id = asset_tag_tag_id WHERE $archive_query + $tag_query $access_permission_query $client_query + GROUP BY asset_id ) AS filtered_assets; ")); @@ -127,13 +143,16 @@ $sql = mysqli_query( LEFT JOIN contacts ON asset_contact_id = contact_id LEFT JOIN locations ON asset_location_id = location_id LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 + LEFT JOIN asset_tags ON asset_tag_asset_id = asset_id + LEFT JOIN tags ON tag_id = asset_tag_tag_id WHERE $archive_query - AND (asset_name LIKE '%$q%' OR asset_description LIKE '%$q%' OR asset_type LIKE '%$q%' OR interface_ip LIKE '%$q%' OR interface_ipv6 LIKE '%$q%' OR interface_mac LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%' OR client_name LIKE '%$q%') + $tag_query + AND (asset_name LIKE '%$q%' OR asset_description LIKE '%$q%' OR asset_type LIKE '%$q%' OR interface_ip LIKE '%$q%' OR interface_ipv6 LIKE '%$q%' OR interface_mac LIKE '%$q%' OR asset_make LIKE '%$q%' OR asset_model LIKE '%$q%' OR asset_serial LIKE '%$q%' OR asset_os LIKE '%$q%' OR contact_name LIKE '%$q%' OR location_name LIKE '%$q%' OR client_name LIKE '%$q%' OR tag_name LIKE '%$q%') AND ($type_query) $access_permission_query $location_query $client_query - + GROUP BY asset_id ORDER BY $sort $order LIMIT $record_from, $record_to" ); @@ -270,7 +289,32 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); -
    +
    +
    + +
    +
    +
    +
    - +
    - +
    -
    -
    +
    +
    + +
    + +
    +
    diff --git a/agent/modals/asset/asset_add.php b/agent/modals/asset/asset_add.php index 0b6ebccf..cda60a46 100644 --- a/agent/modals/asset/asset_add.php +++ b/agent/modals/asset/asset_add.php @@ -27,6 +27,8 @@ if ($os_sql && mysqli_num_rows($os_sql) > 0) { $json_os = json_encode($os_arr); } +$sql_tags_select = mysqli_query($mysqli, "SELECT tag_id, tag_name FROM tags WHERE tag_type = 5 ORDER BY tag_name ASC"); + ob_start(); ?> @@ -465,6 +467,33 @@ ob_start();
    +
    + +
    +
    + +
    + +
    + +
    +
    +
    + +
    diff --git a/agent/modals/asset/asset_bulk_assign_tags.php b/agent/modals/asset/asset_bulk_assign_tags.php new file mode 100644 index 00000000..e5bd8341 --- /dev/null +++ b/agent/modals/asset/asset_bulk_assign_tags.php @@ -0,0 +1,61 @@ + + +
    +
    Assign Tags for Assets
    + +
    +
    + + + +
    + + +
    + + +
    + +
    + +
    +
    + +
    + +
    +
    + +
    + +
    + + +
    +
    + + @@ -462,6 +469,33 @@ ob_start(); +
    + +
    +
    + +
    + +
    + +
    +
    +
    +

    Asset ID:

    diff --git a/agent/post/asset.php b/agent/post/asset.php index b22c8de5..8c1d22a6 100644 --- a/agent/post/asset.php +++ b/agent/post/asset.php @@ -20,6 +20,14 @@ if (isset($_POST['add_asset'])) { $asset_id = mysqli_insert_id($mysqli); + // Add Tags + if (isset($_POST['tags'])) { + foreach($_POST['tags'] as $tag) { + $tag = intval($tag); + mysqli_query($mysqli, "INSERT INTO asset_tags SET asset_tag_asset_id = $asset_id, asset_tag_tag_id = $tag"); + } + } + // Add Photo if (isset($_FILES['file']['tmp_name'])) { if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'webp'))) { @@ -108,6 +116,18 @@ if (isset($_POST['edit_asset'])) { mysqli_query($mysqli,"UPDATE assets SET asset_photo = '$new_file_name' WHERE asset_id = $asset_id"); } + // Tags + // Delete existing tags + mysqli_query($mysqli, "DELETE FROM asset_tags WHERE asset_tag_asset_id = $asset_id"); + + // Add new tags + if (isset($_POST['tags'])) { + foreach($_POST['tags'] as $tag) { + $tag = intval($tag); + mysqli_query($mysqli, "INSERT INTO asset_tags SET asset_tag_asset_id = $asset_id, asset_tag_tag_id = $tag"); + } + } + logAction("Asset", "Edit", "$session_name edited asset $name", $client_id, $asset_id); flash_alert("Asset $name edited"); @@ -188,6 +208,50 @@ if (isset($_GET['delete_asset'])) { } +if (isset($_POST['bulk_assign_asset_tags'])) { + + enforceUserPermission('module_client', 2); + + if (isset($_POST['asset_ids'])) { + + $count = count($_POST['asset_ids']); + + foreach($_POST['asset_ids'] as $asset_id) { + $asset_id = intval($asset_id); + + $sql = mysqli_query($mysqli,"SELECT asset_name, asset_client_id FROM assets WHERE asset_id = $asset_id"); + $row = mysqli_fetch_array($sql); + $asset_name = sanitizeInput($row['asset_name']); + $client_id = intval($row['asset_client_id']); + + if($_POST['remove_tags']) { + mysqli_query($mysqli, "DELETE FROM asset_tags WHERE asset_tag_asset_id = $asset_id"); + } + + if (isset($_POST['tags'])) { + foreach($_POST['tags'] as $tag) { + $tag = intval($tag); + + $sql = mysqli_query($mysqli,"SELECT * FROM asset_tags WHERE asset_tag_asset_id = $asset_id AND asset_tag_tag_id = $tag"); + if (mysqli_num_rows($sql) == 0) { + mysqli_query($mysqli, "INSERT INTO asset_tags SET asset_tag_asset_id = $asset_id, asset_tag_tag_id = $tag"); + } + } + } + + logAction("Asset", "Edit", "$session_name added tags to asset $asset_name", $client_id, $asset_id); + + } + + logAction("Asset", "Bulk Edit", "$session_name added tags for $asset_count assets", $client_id); + + flash_alert("Assigned tags for $count assets"); + } + + redirect(); + +} + if (isset($_POST['bulk_assign_asset_location'])) { validateCSRFToken($_POST['csrf_token']); diff --git a/db.sql b/db.sql index 6a1fddf5..42af2911 100644 --- a/db.sql +++ b/db.sql @@ -275,6 +275,23 @@ CREATE TABLE `asset_notes` ( ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; /*!40101 SET character_set_client = @saved_cs_client */; +-- +-- Table structure for table `asset_tags` +-- + +DROP TABLE IF EXISTS `asset_tags`; +/*!40101 SET @saved_cs_client = @@character_set_client */; +/*!40101 SET character_set_client = utf8mb4 */; +CREATE TABLE `asset_tags` ( + `asset_tag_asset_id` int(11) NOT NULL, + `asset_tag_tag_id` int(11) NOT NULL, + PRIMARY KEY (`asset_tag_asset_id`,`asset_tag_tag_id`), + KEY `fk_tag` (`asset_tag_tag_id`), + CONSTRAINT `fk_asset` FOREIGN KEY (`asset_tag_asset_id`) REFERENCES `assets` (`asset_id`) ON DELETE CASCADE, + CONSTRAINT `fk_tag` FOREIGN KEY (`asset_tag_tag_id`) REFERENCES `tags` (`tag_id`) ON DELETE CASCADE +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; +/*!40101 SET character_set_client = @saved_cs_client */; + -- -- Table structure for table `assets` -- @@ -800,7 +817,6 @@ CREATE TABLE `contract_templates` ( `contract_template_created_at` datetime DEFAULT current_timestamp(), `contract_template_updated_at` datetime DEFAULT NULL ON UPDATE current_timestamp(), `contract_template_archived_at` datetime DEFAULT NULL, - `company_id` int(11) NOT NULL, PRIMARY KEY (`contract_template_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; /*!40101 SET character_set_client = @saved_cs_client */; @@ -2897,4 +2913,4 @@ CREATE TABLE `vendors` ( /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2025-11-07 16:47:40 +-- Dump completed on 2025-11-11 19:57:21 diff --git a/includes/database_version.php b/includes/database_version.php index 550ddbd1..63110ccf 100644 --- a/includes/database_version.php +++ b/includes/database_version.php @@ -5,4 +5,4 @@ * It is used in conjunction with database_updates.php */ -DEFINE("LATEST_DATABASE_VERSION", "2.3.7"); +DEFINE("LATEST_DATABASE_VERSION", "2.3.8"); From 0ac76766bd59c6433a98bf1f5ec503968d98d5ed Mon Sep 17 00:00:00 2001 From: johnnyq Date: Tue, 11 Nov 2025 21:05:59 -0500 Subject: [PATCH 03/32] Add Asset Tags Display in Contact Details, asset details, along with their detail modals --- agent/asset_details.php | 29 +++++++++++++++++- agent/assets.php | 1 + agent/contact_details.php | 39 ++++++++++++++++++++++-- agent/modals/asset/asset_details.php | 29 +++++++++++++++++- agent/modals/contact/contact_details.php | 38 +++++++++++++++++++++-- 5 files changed, 130 insertions(+), 6 deletions(-) diff --git a/agent/asset_details.php b/agent/asset_details.php index 8a5848ca..bdbc3452 100644 --- a/agent/asset_details.php +++ b/agent/asset_details.php @@ -118,6 +118,28 @@ if (isset($_GET['asset_id'])) { ); $document_count = mysqli_num_rows($sql_related_documents); + // Tags - many to many relationship + $asset_tag_name_display_array = array(); + $asset_tag_id_array = array(); + $sql_asset_tags = mysqli_query($mysqli, "SELECT * FROM asset_tags LEFT JOIN tags ON asset_tag_tag_id = tag_id WHERE asset_tag_asset_id = $asset_id ORDER BY tag_name ASC"); + while ($row = mysqli_fetch_array($sql_asset_tags)) { + + $asset_tag_id = intval($row['tag_id']); + $asset_tag_name = nullable_htmlentities($row['tag_name']); + $asset_tag_color = nullable_htmlentities($row['tag_color']); + if (empty($asset_tag_color)) { + $asset_tag_color = "dark"; + } + $asset_tag_icon = nullable_htmlentities($row['tag_icon']); + if (empty($asset_tag_icon)) { + $asset_tag_icon = "tag"; + } + + $asset_tag_id_array[] = $asset_tag_id; + $asset_tag_name_display_array[] = "$asset_tag_name"; + } + $asset_tags_display = implode('', $asset_tag_name_display_array); + // Network Interfaces $sql_related_interfaces = mysqli_query($mysqli, " SELECT @@ -257,8 +279,13 @@ if (isset($_GET['asset_id'])) {
    + +
    + +
    + -
    +
    diff --git a/agent/assets.php b/agent/assets.php index 04c33732..237ed926 100644 --- a/agent/assets.php +++ b/agent/assets.php @@ -358,6 +358,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); data-bulk="true"> Assign Location +
    @@ -413,6 +442,12 @@ if (isset($_GET['contact_id'])) {
    + +
    + +
    + diff --git a/agent/modals/asset/asset_details.php b/agent/modals/asset/asset_details.php index 85f59640..f7e771e2 100644 --- a/agent/modals/asset/asset_details.php +++ b/agent/modals/asset/asset_details.php @@ -70,6 +70,28 @@ if ($location_archived_at) { $location_name_display = $location_name; } +// Tags - many to many relationship +$asset_tag_name_display_array = array(); +$asset_tag_id_array = array(); +$sql_asset_tags = mysqli_query($mysqli, "SELECT * FROM asset_tags LEFT JOIN tags ON asset_tag_tag_id = tag_id WHERE asset_tag_asset_id = $asset_id ORDER BY tag_name ASC"); +while ($row = mysqli_fetch_array($sql_asset_tags)) { + + $asset_tag_id = intval($row['tag_id']); + $asset_tag_name = nullable_htmlentities($row['tag_name']); + $asset_tag_color = nullable_htmlentities($row['tag_color']); + if (empty($asset_tag_color)) { + $asset_tag_color = "dark"; + } + $asset_tag_icon = nullable_htmlentities($row['tag_icon']); + if (empty($asset_tag_icon)) { + $asset_tag_icon = "tag"; + } + + $asset_tag_id_array[] = $asset_tag_id; + $asset_tag_name_display_array[] = "    $asset_tag_name"; +} +$asset_tags_display = implode('', $asset_tag_name_display_array); + // Network Interfaces $sql_related_interfaces = mysqli_query($mysqli, " SELECT @@ -262,8 +284,13 @@ ob_start();
    + +
    + +
    + -
    +
    diff --git a/agent/modals/contact/contact_details.php b/agent/modals/contact/contact_details.php index 59e4ff11..a6121544 100644 --- a/agent/modals/contact/contact_details.php +++ b/agent/modals/contact/contact_details.php @@ -51,7 +51,14 @@ $auth_method = nullable_htmlentities($row['user_auth_method']); $contact_client_id = intval($row['contact_client_id']); // Related Assets Query - 1 to 1 relationship -$sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 WHERE asset_contact_id = $contact_id ORDER BY asset_name DESC"); +$sql_related_assets = mysqli_query($mysqli, "SELECT * FROM assets + LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1 + LEFT JOIN asset_tags ON asset_tag_asset_id = asset_id + LEFT JOIN tags ON tag_id = asset_tag_tag_id + WHERE asset_contact_id = $contact_id + GROUP BY asset_id + ORDER BY asset_name ASC" +); $asset_count = mysqli_num_rows($sql_related_assets); // Linked Software Licenses @@ -77,7 +84,7 @@ $sql_related_credentials = mysqli_query($mysqli, " LEFT JOIN tags ON tags.tag_id = credential_tags.tag_id WHERE credential_contact_id = $contact_id GROUP BY credentials.credential_id - ORDER BY credential_name DESC + ORDER BY credential_name ASC "); $credential_count = mysqli_num_rows($sql_related_credentials); @@ -376,6 +383,27 @@ ob_start(); $asset_notes = nullable_htmlentities($row['asset_notes']); $asset_created_at = nullable_htmlentities($row['asset_created_at']); $device_icon = getAssetIcon($asset_type); + // Tags + $asset_tag_name_display_array = array(); + $asset_tag_id_array = array(); + $sql_asset_tags = mysqli_query($mysqli, "SELECT * FROM asset_tags LEFT JOIN tags ON asset_tag_tag_id = tag_id WHERE asset_tag_asset_id = $asset_id ORDER BY tag_name ASC"); + while ($row = mysqli_fetch_array($sql_asset_tags)) { + + $asset_tag_id = intval($row['tag_id']); + $asset_tag_name = nullable_htmlentities($row['tag_name']); + $asset_tag_color = nullable_htmlentities($row['tag_color']); + if (empty($asset_tag_color)) { + $asset_tag_color = "dark"; + } + $asset_tag_icon = nullable_htmlentities($row['tag_icon']); + if (empty($asset_tag_icon)) { + $asset_tag_icon = "tag"; + } + + $asset_tag_id_array[] = $asset_tag_id; + $asset_tag_name_display_array[] = "$asset_tag_name"; + } + $asset_tags_display = implode('', $asset_tag_name_display_array); ?> @@ -389,6 +417,12 @@ ob_start();
    + +
    + +
    + From 15ed4ef1ce058fb70b6b566de17aadf816d7a454 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Wed, 12 Nov 2025 14:35:06 -0500 Subject: [PATCH 04/32] Fix unable to delete Vendor Templates --- admin/vendor_template.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin/vendor_template.php b/admin/vendor_template.php index 716371b9..b201d0df 100644 --- a/admin/vendor_template.php +++ b/admin/vendor_template.php @@ -140,7 +140,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - + Delete From 26ab43c57ffab6c5e8b52137b07b81dec16f1a93 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Wed, 12 Nov 2025 14:50:05 -0500 Subject: [PATCH 05/32] Fix Mail Queue link when sending a test email, updated the quote send email wording to Quote sent --- admin/post/settings_mail.php | 2 +- agent/post/quote.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/admin/post/settings_mail.php b/admin/post/settings_mail.php index d7b2e6a7..e515e75d 100644 --- a/admin/post/settings_mail.php +++ b/admin/post/settings_mail.php @@ -150,7 +150,7 @@ if (isset($_POST['test_email_smtp'])) { $mail = addToMailQueue($data); if ($mail === true) { - flash_alert("Test email queued! Check Admin > Mail queue"); + flash_alert("Test email queued! Check Admin > Mail queue"); } else { flash_alert("Failed to add test mail to queue", 'error'); } diff --git a/agent/post/quote.php b/agent/post/quote.php index 0b9e2a4c..6a8695a0 100644 --- a/agent/post/quote.php +++ b/agent/post/quote.php @@ -497,7 +497,7 @@ if (isset($_GET['email_quote'])) { logAction("Quote", "Email", "$session_name emailed quote $quote_prefix$quote_number to $contact_email", $client_id, $quote_id); - flash_alert("Quote has been queued successfully! See Mail Queue"); + flash_alert("Quote sent!"); //Don't change the status to sent if the status is anything but draft if ($quote_status == 'Draft') { From af8e733cfb1394861a04e74225dced5bca1089cd Mon Sep 17 00:00:00 2001 From: johnnyq Date: Wed, 12 Nov 2025 16:27:03 -0500 Subject: [PATCH 06/32] Added Quick Add Links to the majority of Side bars navs --- admin/includes/side_nav.php | 80 ++++++++++++++++----- agent/includes/client_overview_side_nav.php | 9 +++ agent/includes/client_side_nav.php | 22 +++++- agent/includes/side_nav.php | 23 ++++-- 4 files changed, 112 insertions(+), 22 deletions(-) diff --git a/admin/includes/side_nav.php b/admin/includes/side_nav.php index 3cbe9ccc..dabf89d8 100644 --- a/admin/includes/side_nav.php +++ b/admin/includes/side_nav.php @@ -18,25 +18,37 @@
  • "> -

    Users

    +

    + Users + +

  • "> -

    Roles

    +

    + + Roles +

  • "> -

    Modules

    +

    + Modules + +

  • "> -

    API Keys

    +

    + + API Keys +

  • TAGS & CATEGORIES
    • @@ -44,26 +56,38 @@
  • -

    Tags

    +

    + + Tags +

  • -

    Categories

    +

    + + Categories +

  • -

    Taxes

    +

    + + Taxes +

  • -

    Payment Methods

    +

    + + Payment Methods +

  • @@ -96,14 +120,20 @@
  • -

    Ticket Statuses

    +

    + + Ticket Statuses +

  • -

    Custom Links

    +

    + + Custom Links +

    • @@ -113,37 +143,55 @@
  • -

    Contract Templates

    +

    + + Contract Templates +

  • -

    Project Templates

    +

    + + Project Templates +

  • -

    Ticket Templates

    +

    + + Ticket Templates +

  • -

    Vendor Templates

    +

    + + Vendor Templates +

  • -

    License Templates

    +

    + + License Templates +

  • -

    Document Templates

    +

    + + Document Templates +

    • diff --git a/agent/includes/client_overview_side_nav.php b/agent/includes/client_overview_side_nav.php index bdd81b8f..429ac5de 100644 --- a/agent/includes/client_overview_side_nav.php +++ b/agent/includes/client_overview_side_nav.php @@ -53,6 +53,7 @@ $num_software = $row['num'];

    Contacts + 0) { ?> @@ -65,6 +66,7 @@ $num_software = $row['num'];

    Locations + 0) { ?> @@ -77,6 +79,7 @@ $num_software = $row['num'];

    Assets + 0) { ?> @@ -89,6 +92,7 @@ $num_software = $row['num'];

    Licenses + 0) { ?> @@ -101,6 +105,7 @@ $num_software = $row['num'];

    Credentials + 0) { ?> @@ -113,6 +118,7 @@ $num_software = $row['num'];

    Networks + 0) { ?> @@ -125,6 +131,7 @@ $num_software = $row['num'];

    Certificates + 0) { ?> @@ -137,6 +144,7 @@ $num_software = $row['num'];

    Domains + 0) { ?> @@ -149,6 +157,7 @@ $num_software = $row['num'];

    Services + 0) { ?> diff --git a/agent/includes/client_side_nav.php b/agent/includes/client_side_nav.php index 1090ebe3..d7c479d5 100644 --- a/agent/includes/client_side_nav.php +++ b/agent/includes/client_side_nav.php @@ -30,6 +30,7 @@

    Contacts + 0) { ?> @@ -43,6 +44,7 @@

    Locations + 0) { ?> @@ -59,6 +61,7 @@

    Tickets + 0) { ?> @@ -73,6 +76,7 @@

    Recurring Tickets + @@ -87,6 +91,7 @@

    Projects + @@ -101,6 +106,7 @@

    Vendors + 0) { ?> @@ -132,6 +138,7 @@

    Assets + 0) { ?> @@ -145,6 +152,7 @@

    Licenses + 0) { ?> @@ -159,6 +167,7 @@

    Credentials + 0) { ?> @@ -173,6 +182,7 @@

    Networks + 0) { ?> @@ -186,6 +196,7 @@

    Racks + 0) { ?> @@ -199,7 +210,7 @@

    Certificates - + 0) { ?> @@ -213,7 +224,7 @@

    Domains - + 0) { ?> @@ -227,6 +238,7 @@

    Services + 0) { ?> @@ -240,6 +252,7 @@

    Documents + 0) { ?> @@ -256,6 +269,7 @@

    Files + 0) { ?> @@ -277,6 +291,7 @@

    Invoices + 0) { ?> @@ -290,6 +305,7 @@

    Recurring Invoices + @@ -303,6 +319,7 @@

    Quotes + 0) { ?> @@ -333,6 +350,7 @@

    Trips + 0) { ?> diff --git a/agent/includes/side_nav.php b/agent/includes/side_nav.php index dcc56be7..10f97da8 100644 --- a/agent/includes/side_nav.php +++ b/agent/includes/side_nav.php @@ -23,10 +23,11 @@ ">

    - Clients - - - + Clients + + + +

    @@ -40,6 +41,7 @@

    Tickets + @@ -51,6 +53,7 @@

    Recurring Tickets + @@ -62,6 +65,7 @@

    Projects + @@ -84,6 +88,7 @@

    Quotes + @@ -95,6 +100,7 @@

    Invoices + @@ -106,6 +112,7 @@

    Recurring Invoices + @@ -116,12 +123,14 @@ ">

    Revenues

    +
  • ">

    Products

    +
    • @@ -137,12 +146,14 @@ ">

    Vendors

    +
  • ">

    Expenses

    +
  • @@ -150,6 +161,7 @@

    Recurring Expenses + @@ -160,18 +172,21 @@ ">

    Accounts

    +
  • ">

    Transfers

    +
  • ">

    Trips

    +
    • From 7230325e62ca9b27667c7c5a142c7ebf6ea5e4a7 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Wed, 12 Nov 2025 17:04:53 -0500 Subject: [PATCH 07/32] Migrate Ticket Template add to ajax-modal, add category type option if not defined, add product type if not defined --- admin/includes/side_nav.php | 2 +- admin/modals/category/category_add.php | 28 +++- .../ticket_template/ticket_template_add.php | 142 +++++++++--------- admin/ticket_template.php | 3 +- agent/modals/product/product_add.php | 25 ++- 5 files changed, 124 insertions(+), 76 deletions(-) diff --git a/admin/includes/side_nav.php b/admin/includes/side_nav.php index dabf89d8..e2fedd98 100644 --- a/admin/includes/side_nav.php +++ b/admin/includes/side_nav.php @@ -162,7 +162,7 @@

    - + Ticket Templates

    diff --git a/admin/modals/category/category_add.php b/admin/modals/category/category_add.php index 52d9769d..8fa6ac74 100644 --- a/admin/modals/category/category_add.php +++ b/admin/modals/category/category_add.php @@ -2,7 +2,9 @@ require_once '../../../includes/modal_header.php'; -$category = nullable_htmlentities($_GET['category']); +$category = nullable_htmlentities($_GET['category'] ?? ''); + +$category_types_array = ['Expense', 'Income', 'Referral', 'Ticket']; ?> @@ -13,10 +15,30 @@ $category = nullable_htmlentities($_GET['category']);
    -
    + + + + +
    + +
    +
    + +
    + +
    +
    + + +
    @@ -39,7 +61,7 @@ $category = nullable_htmlentities($_GET['category']);
    - +
    diff --git a/admin/modals/ticket_template/ticket_template_add.php b/admin/modals/ticket_template/ticket_template_add.php index 1c1c837a..cfccd8d1 100644 --- a/admin/modals/ticket_template/ticket_template_add.php +++ b/admin/modals/ticket_template/ticket_template_add.php @@ -1,75 +1,79 @@ - From d2523cff4a850c0b3eadc95cbf48534eb90e1fa2 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 16 Nov 2025 18:41:30 -0500 Subject: [PATCH 23/32] Add Tag Displays in edit and listing, remove unused type column --- admin/modals/tag/tag_edit.php | 34 ++++++++++++-------------- admin/post/tag.php | 2 +- admin/tag.php | 45 +++++++++++++++-------------------- 3 files changed, 35 insertions(+), 46 deletions(-) diff --git a/admin/modals/tag/tag_edit.php b/admin/modals/tag/tag_edit.php index bfd49962..312244b4 100644 --- a/admin/modals/tag/tag_edit.php +++ b/admin/modals/tag/tag_edit.php @@ -12,11 +12,24 @@ $tag_type = intval($row['tag_type']); $tag_color = nullable_htmlentities($row['tag_color']); $tag_icon = nullable_htmlentities($row['tag_icon']); -// Generate the HTML form content using output buffering. +if ($tag_type == 1) { + $tag_type_display = "Client"; +} elseif ( $tag_type == 2) { + $tag_type_display = "Location"; +} elseif ( $tag_type == 3) { + $tag_type_display = "Contact"; +} elseif ( $tag_type == 4) { + $tag_type_display = "Credential"; + } elseif ( $tag_type == 5) { + $tag_type_display = "Asset"; +} else { + $tag_type_display = "Unknown"; +} + ob_start(); ?>
    -
    Editing tag:
    +
    Tag:
    @@ -35,23 +48,6 @@ ob_start();
    -
    - -
    -
    - -
    - -
    -
    -
    diff --git a/admin/post/tag.php b/admin/post/tag.php index 4911b57e..815a614c 100644 --- a/admin/post/tag.php +++ b/admin/post/tag.php @@ -28,7 +28,7 @@ if (isset($_POST['edit_tag'])) { $tag_id = intval($_POST['tag_id']); - mysqli_query($mysqli,"UPDATE tags SET tag_name = '$name', tag_type = $type, tag_color = '$color', tag_icon = '$icon' WHERE tag_id = $tag_id"); + mysqli_query($mysqli,"UPDATE tags SET tag_name = '$name', tag_color = '$color', tag_icon = '$icon' WHERE tag_id = $tag_id"); logAction("Tag", "Edit", "$session_name edited tag $name", 0, $tag_id); diff --git a/admin/tag.php b/admin/tag.php index 773a9db6..bce8559c 100644 --- a/admin/tag.php +++ b/admin/tag.php @@ -12,6 +12,20 @@ if (isset($_GET['type'])) { $type_filter = 1; } +if ($type_filter == 1) { + $tag_type_display = "Client"; +} elseif ( $type_filter == 2) { + $tag_type_display = "Location"; +} elseif ( $type_filter == 3) { + $tag_type_display = "Contact"; +} elseif ( $type_filter == 4) { + $tag_type_display = "Credential"; + } elseif ( $type_filter == 5) { + $tag_type_display = "Asset"; +} else { + $tag_type_display = "Unknown"; +} + $sql = mysqli_query( $mysqli, "SELECT SQL_CALC_FOUND_ROWS * FROM tags @@ -26,9 +40,9 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    -

    Tags

    +

    Tags

    - +
    @@ -37,7 +51,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
    - +
    @@ -76,7 +90,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); } else { echo 'btn-default'; } ?>">Asset - - - - Type - - Action @@ -111,20 +120,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); while ($row = mysqli_fetch_array($sql)) { $tag_id = intval($row['tag_id']); $tag_name = nullable_htmlentities($row['tag_name']); - $tag_type = intval($row['tag_type']); - if ( $tag_type == 1) { - $tag_type_display = "Client Tag"; - } elseif ( $tag_type == 2) { - $tag_type_display = "Location Tag"; - } elseif ( $tag_type == 3) { - $tag_type_display = "Contact Tag"; - } elseif ( $tag_type == 4) { - $tag_type_display = "Credential Tag"; - } elseif ( $tag_type == 5) { - $tag_type_display = "Asset Tag"; - } else { - $tag_type_display = "Unknown Tag"; - } $tag_color = nullable_htmlentities($row['tag_color']); $tag_icon = nullable_htmlentities($row['tag_icon']); @@ -136,7 +131,6 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); -
    - +
    From 79160f9b5cc15105cd83bf967a2d0515af53796e Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 16 Nov 2025 19:35:42 -0500 Subject: [PATCH 24/32] Dont show Client Tickets in Ticket Details Breadcrumbs if not client is assigned a ticket --- agent/ticket.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/agent/ticket.php b/agent/ticket.php index 33e8cafc..b526132c 100644 --- a/agent/ticket.php +++ b/agent/ticket.php @@ -39,7 +39,6 @@ if (isset($_GET['ticket_id'])) { LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id LEFT JOIN categories ON ticket_category = category_id WHERE ticket_id = $ticket_id - LIMIT 1" ); @@ -358,9 +357,11 @@ if (isset($_GET['ticket_id'])) {
  • All Tickets
    • +
  • Tickets
    • +
    • From b61dfac5692c632f39e8ef73d269331c4bf86314 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 16 Nov 2025 19:56:59 -0500 Subject: [PATCH 25/32] Ticket Details Checks, Dont display Add/edit relations if no cliet in selected, dont show relations in ticket edit if no client assigned to ticket, also dont display public and email response type if no contact_email exists --- agent/modals/ticket/ticket_edit.php | 35 ++++++++++++++++------------- agent/ticket.php | 4 +++- 2 files changed, 23 insertions(+), 16 deletions(-) diff --git a/agent/modals/ticket/ticket_edit.php b/agent/modals/ticket/ticket_edit.php index cd2e5482..d2d34b30 100644 --- a/agent/modals/ticket/ticket_edit.php +++ b/agent/modals/ticket/ticket_edit.php @@ -38,33 +38,35 @@ while ($row = mysqli_fetch_array($sql_additional_assets)) { ob_start(); ?>
    -
    Editing ticket: -
    +
    Ticket: -
    - +
    - + -
    - + +
    > -
    +
    @@ -182,7 +184,9 @@ ob_start();
    -
    + + +
    @@ -236,7 +240,7 @@ ob_start();
    -
    +
    @@ -372,7 +376,7 @@ ob_start(); while ($row = mysqli_fetch_array($sql_projects)) { $project_id_select = intval($row['project_id']); $project_name_select = nullable_htmlentities($row['project_name']); ?> - + @@ -380,13 +384,14 @@ ob_start();
    +
    - +
    diff --git a/agent/ticket.php b/agent/ticket.php index b526132c..39f1f75c 100644 --- a/agent/ticket.php +++ b/agent/ticket.php @@ -427,7 +427,7 @@ if (isset($_GET['ticket_id'])) { Merge - +
    @@ -600,9 +600,11 @@ if (isset($_GET['ticket_id'])) { + + From 118f9a34d892e8d358ffacf3d7d1a12a904693da Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 16 Nov 2025 20:02:26 -0500 Subject: [PATCH 26/32] Update Changelog --- CHANGELOG.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6d4a1c8b..7b8968e4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,7 +14,11 @@ This file documents all notable changes made to ITFlow. - Fix if Client isn't assigned to a ticket dont show client view. - Fix missing session client id check when paying an invoice from client portal. - Update Composer Webklex-IMAP library dependency symfony/http-foundation from 7.3.3 to 7.3.7 to fix security related issues. -- Add back delete Payment provider the database will handle cascade deletes to saved cards, recurring payments and client payment provider reference. +- Add back delete Payment provider the database will handle cascade deletes to saved cards, recurring payments and client payment provider reference. +- Don't show Client Tickets Breadcrumb if no client is assigned to a ticket. +- Don't Show Contact or Assignment Tab in edit ticket if no Client is Assigned. +- Don't Show add contact, asset, vendor, watcher if not client is assigned to a ticket. +- Don't Show Public Comment & Email if contact email doesn't exist. ### Added / Changed - [Feature] Added Asset Tags. From ef66d5172c831e1efe239422acddd2f201f1eb5c Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 16 Nov 2025 20:27:58 -0500 Subject: [PATCH 27/32] Move Ticket edit from top Right Menu to Ticket Details Section --- agent/ticket.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/agent/ticket.php b/agent/ticket.php index 39f1f75c..9241d368 100644 --- a/agent/ticket.php +++ b/agent/ticket.php @@ -416,11 +416,6 @@ if (isset($_GET['ticket_id'])) {
    - - Edit - Summarize @@ -565,9 +560,14 @@ if (isset($_GET['ticket_id'])) {
    -

    +

    Ticket Details -
    + + +
    + +
    +
    From 0c5883b61b3509fa7703a8aca4a8b2c3aaa48073 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sun, 16 Nov 2025 20:56:30 -0500 Subject: [PATCH 28/32] Use btn-tool for side references in Ticket details and some cleanup --- agent/ticket.php | 88 +++++++++++++++++++++++------------------------- 1 file changed, 42 insertions(+), 46 deletions(-) diff --git a/agent/ticket.php b/agent/ticket.php index 9241d368..ef0fe023 100644 --- a/agent/ticket.php +++ b/agent/ticket.php @@ -915,12 +915,12 @@ if (isset($_GET['ticket_id'])) { 0)) { ?>
    -
    -
    Tasks
    +
    +
    Tasks
    + = 2) { ?>
    - = 2) { ?>
    -
    @@ -937,8 +937,8 @@ if (isset($_GET['ticket_id'])) {
    -
    +
    @@ -967,7 +967,7 @@ if (isset($_GET['ticket_id'])) { $task_completion_estimate = intval($row['task_completion_estimate']); $task_completed_at = nullable_htmlentities($row['task_completed_at']); ?> - + @@ -1025,16 +1025,16 @@ if (isset($_GET['ticket_id'])) {
    -
    -
    Contact
    +
    +
    Contact
    + = 2) { ?>
    - = 2) { ?> - - - - + + +
    +
    @@ -1076,23 +1076,19 @@ if (isset($_GET['ticket_id'])) { - - - - 0) { ?>
    -
    -
    Watchers
    +
    +
    Watchers
    + = 2) { ?>
    - = 2) { ?> - - - - + + +
    +
    @@ -1120,15 +1116,15 @@ if (isset($_GET['ticket_id'])) {
    -
    -
    Assets
    +
    +
    Assets
    + = 2) { ?>
    - = 2) { ?> - - - - + + +
    +
    @@ -1168,15 +1164,15 @@ if (isset($_GET['ticket_id'])) {
    -
    -
    Vendor
    +
    +
    Vendor
    + = 2) { ?>
    - = 2) { ?> - - - - + + +
    +
    @@ -1223,15 +1219,15 @@ if (isset($_GET['ticket_id'])) {
    -
    -
    Project
    +
    +
    Project
    + = 2) { ?>
    - = 2) { ?> - - +
    +
    From 66fb999a8cafd5b296323591184a65f420a29512 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 17 Nov 2025 11:29:05 -0500 Subject: [PATCH 29/32] Update Test IMAP to use a Raw connection instead of depending on the Deprecated php-imap extension --- admin/post/settings_mail.php | 123 +++++++++++++++++++++++++++++++---- 1 file changed, 112 insertions(+), 11 deletions(-) diff --git a/admin/post/settings_mail.php b/admin/post/settings_mail.php index e515e75d..34d9dc0e 100644 --- a/admin/post/settings_mail.php +++ b/admin/post/settings_mail.php @@ -160,27 +160,128 @@ if (isset($_POST['test_email_smtp'])) { } if (isset($_POST['test_email_imap'])) { - + validateCSRFToken($_POST['csrf_token']); - // Setup your IMAP connection parameters - $hostname = "{" . $config_imap_host . ":" . $config_imap_port . "/" . $config_imap_encryption . "/novalidate-cert}INBOX"; - $username = $config_imap_username; - $password = $config_imap_password; + $host = $config_imap_host; + $port = (int) $config_imap_port; + $encryption = strtolower(trim($config_imap_encryption)); // e.g. "ssl", "tls", "none" + $username = $config_imap_username; + $password = $config_imap_password; + + // Build remote socket (implicit SSL vs plain TCP) + $transport = 'tcp'; + if ($encryption === 'ssl') { + $transport = 'ssl'; + } + + $remote_socket = $transport . '://' . $host . ':' . $port; + + // Stream context (you can tighten these if you want strict validation) + $contextOptions = []; + if (in_array($encryption, ['ssl', 'tls'], true)) { + $contextOptions['ssl'] = [ + 'verify_peer' => false, + 'verify_peer_name' => false, + 'allow_self_signed' => true, + ]; + } + + $context = stream_context_create($contextOptions); try { - $inbox = @imap_open($hostname, $username, $password); + $errno = 0; + $errstr = ''; - if ($inbox) { - imap_close($inbox); + // 10-second timeout, adjust as needed + $fp = @stream_socket_client( + $remote_socket, + $errno, + $errstr, + 10, + STREAM_CLIENT_CONNECT, + $context + ); + + if (!$fp) { + throw new Exception("Could not connect to IMAP server: [$errno] $errstr"); + } + + stream_set_timeout($fp, 10); + + // Read server greeting (IMAP servers send something like: * OK Dovecot ready) + $greeting = fgets($fp, 1024); + if ($greeting === false || strpos($greeting, '* OK') !== 0) { + fclose($fp); + throw new Exception("Invalid IMAP greeting: " . trim((string) $greeting)); + } + + // If you really want STARTTLS for "tls" (port 143), you can do it here + if ($encryption === 'tls' && stripos($greeting, 'STARTTLS') !== false) { + // Request STARTTLS + fwrite($fp, "A0001 STARTTLS\r\n"); + $line = fgets($fp, 1024); + if ($line === false || stripos($line, 'A0001 OK') !== 0) { + fclose($fp); + throw new Exception("STARTTLS failed: " . trim((string) $line)); + } + + // Enable crypto on the stream + if (!stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) { + fclose($fp); + throw new Exception("Unable to enable TLS encryption on IMAP connection."); + } + } + + // --- Do LOGIN command --- + $tag = 'A0002'; + + // Simple quoting; this may fail with some special chars in username/password. + $loginCmd = sprintf( + "%s LOGIN \"%s\" \"%s\"\r\n", + $tag, + addcslashes($username, "\\\""), + addcslashes($password, "\\\"") + ); + + fwrite($fp, $loginCmd); + + $success = false; + $errorLine = ''; + + while (!feof($fp)) { + $line = fgets($fp, 2048); + if ($line === false) { + break; + } + + // Look for tagged response for our LOGIN + if (strpos($line, $tag . ' ') === 0) { + if (stripos($line, $tag . ' OK') === 0) { + $success = true; + } else { + $errorLine = trim($line); + } + break; + } + } + + // Always logout / close + fwrite($fp, "A0003 LOGOUT\r\n"); + fclose($fp); + + if ($success) { flash_alert("Connected successfully"); } else { - throw new Exception(imap_last_error()); + if (!$errorLine) { + $errorLine = 'Unknown IMAP authentication error'; + } + throw new Exception($errorLine); } + } catch (Exception $e) { - flash_alert("IMAP connection failed: " . $e->getMessage(), 'error'); + flash_alert("IMAP connection failed: " . htmlspecialchars($e->getMessage()), 'error'); } redirect(); - } From 19b8d09bfd7502b821f5bbbdde874db40164c860 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 17 Nov 2025 11:55:03 -0500 Subject: [PATCH 30/32] Update Ticket Detail card to use the adminlte's Card Collapse --- agent/ticket.php | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/agent/ticket.php b/agent/ticket.php index ef0fe023..7564ddf9 100644 --- a/agent/ticket.php +++ b/agent/ticket.php @@ -810,16 +810,17 @@ if (isset($_GET['ticket_id'])) {
    -
    +
    ">
    - -
    Ticket Details
    -     +
    Ticket Details
    +
    - +
    -
    +
    From f50aabb570a7a98130d28689ffeaefcd20ab5b78 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 17 Nov 2025 11:59:43 -0500 Subject: [PATCH 31/32] Update Changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7b8968e4..3b1e8663 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ This file documents all notable changes made to ITFlow. - Don't Show Contact or Assignment Tab in edit ticket if no Client is Assigned. - Don't Show add contact, asset, vendor, watcher if not client is assigned to a ticket. - Don't Show Public Comment & Email if contact email doesn't exist. +- Fixed IMAP Test whicn now uses RAW TCP Connection instead of the depracated php-imap extension. ### Added / Changed - [Feature] Added Asset Tags. @@ -28,6 +29,7 @@ This file documents all notable changes made to ITFlow. - Add UserID on hover in users listing. - Merge ticket now redirects to the new ticket details page. - [Feature] Add Pay via saved card under invoice Listings. +- Ticket Related Side Items UI Cleanup to use btn-tool class. ## [25.11] Stable From 02694f6720e3e30ec1a1d16826c0b965c56b3898 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Mon, 17 Nov 2025 12:10:10 -0500 Subject: [PATCH 32/32] Fix Broken Links in Email to Agent via Client Portal Ticket Update, update changelog --- CHANGELOG.md | 1 + client/post.php | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3b1e8663..d8af4496 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,6 +20,7 @@ This file documents all notable changes made to ITFlow. - Don't Show add contact, asset, vendor, watcher if not client is assigned to a ticket. - Don't Show Public Comment & Email if contact email doesn't exist. - Fixed IMAP Test whicn now uses RAW TCP Connection instead of the depracated php-imap extension. +- Fix Broken Link in Ticket Updates via Client Portal to agent. ### Added / Changed - [Feature] Added Asset Tags. diff --git a/client/post.php b/client/post.php index c61bff63..054f1139 100644 --- a/client/post.php +++ b/client/post.php @@ -49,7 +49,7 @@ if (isset($_POST['add_ticket'])) { $details = removeEmoji($details); $email_subject = "ITFlow - New Ticket - $client_name: $subject"; - $email_body = "Hello,

    This is a notification that a new ticket has been raised in ITFlow.
    Client: $client_name
    Priority: $priority
    Link: https://$config_base_url/ticket.php?ticket_id=$ticket_id

    $subject
    $details"; + $email_body = "Hello,

    This is a notification that a new ticket has been raised in ITFlow.
    Client: $client_name
    Priority: $priority
    Link: https://$config_base_url/agent/ticket.php?ticket_id=$ticket_id&client_id=$session_client_id

    $subject
    $details"; // Queue Mail $data = [ @@ -113,7 +113,7 @@ if (isset($_POST['add_ticket_comment'])) { $tech_name = sanitizeInput($tech_details['user_name']); $subject = "$config_app_name Ticket updated - [$config_ticket_prefix$ticket_number] $ticket_subject"; - $body = "Hello $tech_name,

    A new reply has been added to the below ticket, check ITFlow for full details.

    Client: $client_name
    Ticket: $config_ticket_prefix$ticket_number
    Subject: $ticket_subject

    https://$config_base_url/ticket.php?ticket_id=$ticket_id"; + $body = "Hello $tech_name,

    A new reply has been added to the below ticket, check ITFlow for full details.

    Client: $client_name
    Ticket: $config_ticket_prefix$ticket_number
    Subject: $ticket_subject

    https://$config_base_url/agent/ticket.php?ticket_id=$ticket_id&client_id=$session_client_id"; $data = [ [